Senior Cyber Security Engineer

Details

• Security architecture & design: Collaborate with engineering and platform teams to design secure solutions, perform threat modelling and review designs for cloud, container and service‑based architectures.
• Cloud security: Define and enforce secure configurations, network segmentation, identity and access controls for public cloud (primarily AWS).
• Application & infrastructure hardening: Implement secure coding practices, vulnerability management, secrets management and runtime protections for services and CI/CD pipelines.
• Detection & response: Build and maintain monitoring, logging and alerting for security events; lead incident response and post‑incident reviews to drive remediation and lessons learned.
• Incident Management: Support ENSEK’s 24/7 Incident Management processes to ensure security and stability for clients.
• Automation & tooling: Automate security checks, policy enforcement and remediation using IaC, CI/CD integrations and custom tooling where appropriate.
• Compliance & assurance: Work with Risk, Legal and InfoSec to embed controls that support regulatory, privacy and contractual requirements across new territories.
• Measurable risk reduction: Clear evidence of reduced exposure through vulnerability metrics, patch timelines and remediation actions.
• Robust detection capability: High‑fidelity alerts and shortened MTTD/MTTR for security incidents with thorough RCA and preventative measures.
• Secure-by‑design practices adopted: Engineering teams consistently apply threat modelling, secure coding and automated security gates.
• Compliance readiness: Security controls aligned with regulatory and contractual requirements for current and new markets.
• 5+ years’ experience in cyber security within cloud‑native environments, DevOps or platform engineering contexts.
• Strong cloud security knowledge: Practical experience securing AWS services, IAM, networking, KMS/secrets and managed services.
• Container and orchestration security: Experience securing Kubernetes and related tooling (runtime protection, admission controllers, image scanning).
• Detection and monitoring: Hands‑on with logging, metrics and tracing for security use cases.
• Infrastructure as Code & automation: Proficient with Terraform/CloudFormation and CI/CD integration to enforce policy and automate remediations.
• Security Tooling: Hands on experience with Secure Web Gateways, IDP, IDS, EDR, SAST, DAST, WAF technologies.
• Scripting & development skills: Comfortable writing automation and tools in Python, Go, Bash or similar languages.
• 25 days’ holiday + bank holidays
• Option to buy or sell 5 extra annual leave days per year
• Vitality Health Insurance, including private healthcare, virtual GP access and mental‑health support
• Pension with 5% matched contribution
• Regular team‑wide and company‑wide events
• 2 volunteering days per year
• Remote‑first working environment (within the UK) with offices in London and Nottingham